Announcement

Collapse
No announcement yet.

"Sometimes" cannot ping remote nodes over the WAN

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • "Sometimes" cannot ping remote nodes over the WAN

    This problem is very odd and it only happens once a while. To clearly describe the issue, please picture the network topology below.

    (site A)
    PC1
    |
    Router1
    ||
    WAN
    ||
    Router2
    |
    PC2
    (site B)


    Problem:
    "Sometimes" from site A, I cannot ping PC2 in site B over the WAN. When that is happening, I can still reach any other nodes in site B. That is to say, the WAN connection is ok. If I login to Router2 or other computer in site B, I have no problem to ping PC2. In other words, PC2 is up and running and still has a working network connection. Doing a trace route, the route stop at Router2. But if I telnet to Router2, I can ping PC2.
    When the problem happens, it usually lasts for a few hours then comes back to normal and PC2 becomes pingable. The problem does not limited to PC2. It happend on switches, firewall, and other PC's.

    Any suggestion will be appreciated.

    Thanks,
    Springman Lee

  • #2
    Re: "Sometimes" cannot ping remote nodes over the WAN

    I would look at the ARP cache on router 2.

    Comment


    • #3
      Re: "Sometimes" cannot ping remote nodes over the WAN

      Do you suggest clear the arp cache?

      Comment


      • #4
        Re: "Sometimes" cannot ping remote nodes over the WAN

        I would want to look at it when the issue occurs before flushing it, to see if it's the problem. Make note of the MAC addresses for the affected devices and routers beforehand. Then when the issue occurs look at the ARP cache on router 2. If it looks OK, then look at the ARP cache on router 1 and both computers.

        Comment


        • #5
          Re: "Sometimes" cannot ping remote nodes over the WAN

          Compared the arp in Router2 for that when the issue occurred and not occurred, I did not find any difference in terms of the MAC address of the affected device. Checking the arp on Router1, there is no arp table for the IP subnet in site B.

          I did not get a chance to capture and compare the before-and-after arp cache on the afftected PC2. I will now record all the arp info on all the devices involved in this issue. Next time when the issue happens again, I will look into the arp.

          Thanks a lot for your input.

          Comment


          • #6
            Re: "Sometimes" cannot ping remote nodes over the WAN

            Router 1 won't have any ARP entries for subnet B as it's not connected to subnet B. Conversely Router 2 won't have ARP entries for subnet A as it's not connected to subnet A. What I would look for on Router 2 when the problem occurs is if it has an ARP entry for PC2 and does PC2 have an ARP entry for Router 2.

            If you have a managed switch on subnet B I would look at the ARP table there as well to see if the entries for Router 2 and PC 2 look correct as far as what port they're "registered" on.

            Comment


            • #7
              Re: "Sometimes" cannot ping remote nodes over the WAN

              The switch is Cisco 3560G. I got your idea. I am going to record the arp from the switchs as well. Next time it happens, I will focus on the arp on Router2, switch, and PC2 or other affected device.

              Thanks.
              Springman

              Comment


              • #8
                Re: "Sometimes" cannot ping remote nodes over the WAN

                Thanks for the update. Keep us posted.

                Comment


                • #9
                  Re: "Sometimes" cannot ping remote nodes over the WAN

                  When you say that you cannot ping PC2, what error comes back? "Destination host unreachable", "Network Unreachable", etc? Furthermore, what is the OS on PC1? Is there a different error message when you try to ping from router 1? Windows has "unique" meanings for things like "destination host unreachable" that might not conform to the same meaning on another device. Or so I've heard, anyway...
                  Wesley David
                  LinkedIn | Careers 2.0
                  -------------------------------
                  Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
                  Vendor Neutral Certifications: CWNA
                  Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
                  Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/

                  Comment


                  • #10
                    Re: "Sometimes" cannot ping remote nodes over the WAN

                    Thanks for taking time to investigate the issue. When it happened, if I ping it from PC1, it was "Request timed out." Both PC1 and PC2 are XP. I also tried to ping it from switch and router in site A, can't ping either. However, if I ping it from a PC/switch/router in site B, there was no problem with the ping. The issue only happens across the WAN.

                    Comment


                    • #11
                      Re: "Sometimes" cannot ping remote nodes over the WAN

                      Based on the fact that you are getting "Response Timed Out" from your pings, I think you should focus on the physical layer. If it were a problem at the network layer (routing) you would be getting a "Destination Host Unreachable" or a "Network Unreachable" response. It really does look like an ARP issue to me.

                      Comment


                      • #12
                        Re: "Sometimes" cannot ping remote nodes over the WAN

                        That makes me worried if I gave you the wrong info. I didn't realize that ping response message can tell us different level of message. I may be wrong. Next time if it happens I will pay more attention. Good lesson today.

                        Correct me if I am still wrong.

                        Layer 2 problem
                        Request timed out

                        Layer 3 problem
                        Destination Host Unreachable or Network Unreachable
                        (I found this could also be true when the computer issues the ping command does not have network connection.)

                        Comment


                        • #13
                          Re: "Sometimes" cannot ping remote nodes over the WAN

                          Basically yes. If a host doesn't have a network connection (cable or port problem) this is generally a physical layer problem.

                          A Request Timed Out basically means that all devices in between know how to get to the pinged host but the pinged host doesn't respond. This is usually a physical layer problem.

                          A Network or Host or Destination unreachable message generally means that devices in between do not know how to get to the pinged host. This is usually a network layer problem.

                          Of course there are caveats and exceptions that may apply.

                          Comment

                          Working...
                          X